Advisories ยป MGASA-2014-0474

Updated kernel packages fix security vulnerabilities

Publication date: 21 Nov 2014
Modification date: 21 Nov 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-3610 , CVE-2014-3611 , CVE-2014-3646 , CVE-2014-3647

Description

This kernel update is based on upstream -longterm 3.14.24 and
fixes the following security issues:

The WRMSR processing functionality in the KVM subsystem in the Linux
kernel through 3.17.2 does not properly handle the writing of a non-
canonical address to a model-specific register, which allows guest OS
users to cause a denial of service (host OS crash) by leveraging guest
OS privileges, related to the wrmsr_interception function in
arch/x86/kvm/svm.c and the handle_wrmsr function in arch/x86/kvm/vmx.c
(CVE-2014-3610).

Race condition in the __kvm_migrate_pit_timer function in
arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through
3.17.2 allows guest OS users to cause a denial of service (host OS crash)
by leveraging incorrect PIT emulation (CVE-2014-3611).

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel through 3.17.2
does not have an exit handler for the INVVPID instruction, which allows
guest OS users to cause a denial of service (guest OS crash) via a crafted
application (CVE-2014-3646).

arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through
3.17.2 does not properly perform RIP changes, which allows guest OS users
to cause a denial of service (guest OS crash) via a crafted application
(CVE-2014-3647).

Other changes:
Revert "drivers/net: Disable UFO through virtio" as it breaks VM migration
add ahci support for Intel Sunrise Point / Skylake
make INTEL_MEI modular (mga#14469)

For other upstream changes, read the referenced changelog.

References

SRPMS

4/core

4/nonfree